Longhorn Network Location Awareness Service
Summary: This paper is the first of two whitepapers that provides information about the Longhorn Network Location Awareness (NLA) service for the Microsoft Windows family of operating systems. This paper defines the concept of a network, explains the role of NLA, describes NLA's features, and provides guidelines for software developers to develop network-aware applications through a case study of a simple mail client. The second whitepaper will be available in February 2005 and will contain application programming interface (API) descriptions and sample code. (11 printed pages)
Applications have long used networks to collaborate, to reach network resources, and to obtain configuration. Computer users are becoming more mobile, so a computer may be used in environments where there is no network, one network, or multiple networks. Users expect their applications and services to work seamlessly under all of these conditions.
Today many applications are network-unaware, resulting in customer and developer pain. For example, an IT administrator cannot create policy based on network identity. Similarly, the application cannot adjust its behavior based on the current network identity and conditions. This could force the end user to periodically reconfigure these applications, leading to poor user experience or even application failure.
The few applications that do adapt to these changing environments often have to navigate low-level Windows APIs and data structures, and perhaps even probe the network themselves, to determine the current network conditions. When applications undertake this task themselves, there is a risk of inefficient or inappropriate use of low-level Windows networking services and network resources, inconsistent network information among applications, and duplicated effort.
The Network Location Awareness (NLA) service aggregates network information available to Windows on behalf of applications and enables them to easily and effectively adapt to these changing environments.
The information an application typically needs to become network-aware falls into the following categories:
- Network identification
- Network characteristics
In order for NLA to provide an identity for a network, we must first describe how to define a network. There are many types of networks including home networks, corporate networks, and public networks such as the Internet.
Corporate networks are made up of multiple subnets and make available resources such as printers, mail servers, credential servers, etc. Typically, users can roam from subnet to subnet within the same network and still have access to the same resources, use the same credentials, and must abide by the same policy. Thus, it is useful to identify the entire corporate network. NLA does this by assigning a unique network ID for each domain corresponding to a DNS domain name suffix.
However, a domain-wide definition of a network may be too broad for some applications. For example, a company may wish to apply a different policy to some subnets. In such cases, the default gateway may be used to further qualify the network: NLA appends to the network ID a unique link ID derived from the default gateway.
The following figure shows a simplified corporate network connected to the Internet.
In general, a home network is connected to the Internet via an Internet service provider (ISP) network, such as those provided by broadband service providers. Many homes may use the same ISP and thus share the same DNS domain name, so applications may need greater precision than a domain-wide network definition. Digital Subscriber Line (DSL) and cable modems typically act as network address translators (NATs) and are the home computer's default gateway, so the modem's MAC address, which is intended to be unique to the device and is visible on the home's link, distinguishes one home network from another on the same ISP. NLA uses the MAC address of the user's DSL or cable modem as the link ID.
The following figure shows home networks connected to the Internet.
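The following Python models the identification scheme described above: a domain-wide ID derived from the DNS suffix, optionally qualified by a link ID (the default gateway address on a corporate subnet, the modem's MAC address on a home network), plus the subnet network ID that the Subnet Mask and Subnet IP address characteristics define later in this paper. It is an added illustration, not NLA code: the namespace GUID, the helper names, and the use of a name-based (RFC 4122 version 5) UUID to obtain a stable identifier are assumptions of the example, and all sample addresses are constructed.

```python
"""Composing a network ID from a DNS suffix and an optional link ID.

Added example illustrating the identification scheme this paper describes;
it is not NLA code.  The namespace GUID and the use of a name-based (RFC 4122
version 5) UUID to produce a stable identifier are assumptions of the example.
"""
import ipaddress
import re
import uuid
from typing import Optional

# Constructed namespace GUID: any fixed value yields stable, reproducible IDs.
EXAMPLE_NAMESPACE = uuid.UUID("1d8f0c2e-5b7a-4d93-9f1e-2c6b8a0d4e71")

_MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")


def normalize_suffix(dns_suffix: str) -> str:
    """DNS names are case-insensitive, so 'Corp.Example.com.' and
    'corp.example.com' must identify the same domain-wide network."""
    return dns_suffix.strip().rstrip(".").lower()


def corporate_link_id(default_gateway: str) -> str:
    """Link ID for a corporate subnet: the default gateway's IP address."""
    return "gw:" + str(ipaddress.ip_address(default_gateway))


def home_link_id(gateway_mac: str) -> str:
    """Link ID for a home network: the MAC address of the DSL/cable modem
    (the NAT device that is the computer's default gateway)."""
    mac = gateway_mac.strip().replace("-", ":").lower()
    if not _MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {gateway_mac!r}")
    return "mac:" + mac


def network_id(dns_suffix: str, link_id: Optional[str] = None) -> uuid.UUID:
    """Domain-wide network ID, qualified by a link ID when the caller needs
    to distinguish subnets (corporate) or households (home) sharing a suffix.

    None of the inputs is authenticated: the suffix and the gateway are handed
    to the computer by the network itself.  A matching ID is therefore a hint
    about location, not proof of it (see the DC Authenticated characteristic).
    """
    name = normalize_suffix(dns_suffix)
    if link_id:
        name += "|" + link_id
    return uuid.uuid5(EXAMPLE_NAMESPACE, name)


def subnet_id(host_ip: str, subnet_mask: str) -> str:
    """Subnet network ID: the host address logically ANDed with the mask."""
    return str(ipaddress.ip_network(f"{host_ip}/{subnet_mask}", strict=False))


if __name__ == "__main__":
    # Constructed sample values.
    corp = network_id("Corp.Example.com.")
    floor3 = network_id("corp.example.com", corporate_link_id("10.1.3.1"))
    home_a = network_id("isp.example.net", home_link_id("00-1A-2B-3C-4D-5E"))
    home_b = network_id("isp.example.net", home_link_id("00:1a:2b:3c:4d:5f"))
    print("domain-wide ID:", corp)
    print("subnet-qualified ID:", floor3)
    print("two homes on one ISP differ:", home_a != home_b)
    print("subnet of 10.1.3.37/255.255.255.0:", subnet_id("10.1.3.37", "255.255.255.0"))
```

The link ID is what keeps two households on the same ISP suffix, or two corporate subnets behind different gateways, from collapsing into one identity; the subnet ID is the same AND operation the characteristics table describes, delegated to the standard library.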
Each network has a set of network characteristics that may be useful for configuring application behavior. Examples include Internet connectivity, bandwidth, whether the network is managed by a domain controller, etc.
Along with the identity of each network the computer is connected to and their characteristics, the network-aware application must know the current network state and listen for network events, and then adapt its behavior accordingly.
There are two types of network events:
- New network
- Network gone
There are three types of network states:
- No network
- One network
- Multiple networks
The following figure shows the relationships between network states and network events.
Let's consider a Web browser application and see how it can take advantage of the network ID, network characteristics, and network state and events to improve the user experience. The following table lists the network states, the default experience, and how the Web browser application can use network information.
|Network state|Default experience|New network|Network gone|
|---|---|---|---|
|No network|Prompt the user to connect to the Internet.|||
|One network|||Indicate to the user that the connection is lost and prompt the user to reconnect.|
|Multiple networks|For each available network: use the network with the highest bandwidth.||For each remaining network:|
The goal of NLA is to make it easy for developers to write network aware applications and services. NLA does this by providing applications with a unified API that allows them to obtain up-to-date network information and location change notification.
For each network the PC is connected to, NLA aggregates the network information available to the PC and generates a globally unique identifier (GUID) to identify each network. Applications can query NLA for this list of GUIDs and the network characteristics associated with the networks they identify.
This table lists the network characteristics NLA provides and indicates how applications may use them:
|Characteristic|Description|How applications may use it|
|---|---|---|
|Managed|Indicates that the computer is managed by a domain controller.|Typically, computers that are part of a corporate network are members of a domain that is managed by one or more domain controllers. Therefore, the presence of such a domain controller usually indicates that the network is a corporate network. Applications may use this indication to attempt to discover and connect to corporate resources, or to apply policy or settings that are specific to the corporate network.|
|Bandwidth|Indicates the bandwidth of a TCP connection.|Applications may adjust their behavior based on the bandwidth of a TCP connection. For example, if the bandwidth to a mail server is low, a mail client may choose to download only the headers of messages rather than entire messages.|
|Internet Connectivity|Indicates that the network is connected to the Internet.|Applications can use this as an indication that they can discover and connect to servers on the Internet, or establish a virtual private network (VPN) connection to the corporate network via the Internet.|
|Primary DNS Suffix|The name of the domain of which the computer is a member, or the DNS suffix of the computer's full computer name.|Domain names are closely tied to the network infrastructure and consequently remain relatively static. When a computer moves around or returns to a given network, its Internet Protocol (IP) address may change, but its domain name suffix is likely to be the same. Applications can use this as a hint that the computer is connected to the same network and apply policy or settings accordingly. However, the DNS suffix can be spoofed: it is supplied by the network, typically via DHCP, without authentication. Therefore, for applications where accurate network determination is needed, the DNS suffix should not be used as the only network identifier.|
|DC Authenticated|Indicates that a domain controller (DC) of the domain of which the computer is a member has authenticated the computer.|When the DC has authenticated the computer, applications may have a higher degree of confidence that the computer is on the corporate network and use this indication to apply policy or settings that are specific to the corporate network. Unlike the DNS suffix or the gateway address, this characteristic depends on a successful authentication exchange, so it is the one to prefer when a decision has security consequences.|
|Host IP address|The IP address of the computer.|If the computer's IP address is a public address, remote applications can use it to establish a connection to the computer. For example, a help and support application can send the computer's IP address, along with a description of the problem, to the corporation's help and support center so that a technician can connect to the computer to resolve it.|
|Subnet Mask|The subnet mask of the subnet to which the computer is connected.|The subnet mask is used along with the host IP address to obtain the network ID of the subnet.|
|Subnet IP address|The network ID of the subnet to which the computer is connected.|Applications may require a more granular network definition than a domain-wide network. The subnet network ID allows applications to identify the specific subnet to which the computer is connected. Group policy may be applied per subnet, so it may also be useful for help and support applications to record the subnet the user is connected to so that a technician can resolve any issues. The subnet network ID is the host IP address logically ANDed with the subnet mask.|
|Default Gateway IP address|The IP address of the default gateway.|Like domain controllers, gateways (routers) on a subnet are relatively static. Although the user may roam within a network and connect at different places, when the computer is configured with the same default gateway it is likely to be on the same subnet. Thus, applications may use the default gateway IP address as an indication that the user is on a particular subnet, or as a more granular network definition than a domain-wide network. This is particularly useful on home networks, because home users typically do not have their own domain. As with the DNS suffix, the gateway address is assigned by the network and is not authenticated, so it identifies a network for configuration purposes rather than for trust decisions.|
|WINS|Indicates whether the computer is connected to a network on which a Windows Internet Name Service (WINS) server is present.|In some enterprises, WINS may be used to resolve Network Basic Input/Output System (NetBIOS) names to IP addresses. In such enterprises, the presence of a WINS server may be used as an indication that the network is a corporate network.|
This section illustrates how applications can use NLA through a case study of a simple mail client (SMC) application.
SMC is a single-threaded application with five states:
- Initialize: Initializes the mail client and retrieves cached mail from the local mail store.
- Contact Mail Server: Attempts to contact the mail server via the Internet.
- Download: Downloads mail from the mail server via the Internet.
- Idle: Waits until the idle timer has expired.
- Stop: Caches the mail from the mail server in the local mail store.
The following figure shows the states of the SMC.
Step 1: Identify how the application uses the network
The first step to making your application network-aware is to identify how it uses the network.
In this case, SMC uses the network to contact the mail server and download messages.
Step 2: Examine the user experience in each network state
Once the application's network usage model is understood, the next step is to understand what the customer experience is today and determine whether and how customer pain points can be reduced through network awareness. To do this, examine how the application uses the network in each of the network states and how the network events affect the user experience.
SMC uses the network to connect to the mail server and download messages. Let's look at these two uses of the network and examine how different network states and network events can impact the user experience. As new problems with SMC are revealed, they are numbered Problem 1 through Problem 4 and referred to by number below.
Contact Mail Server
In this state, SMC attempts to contact the mail server.
No network. If there is no network, SMC fails to contact the mail server, waits for a specified time, and then tries to contact the mail server again. As a result, the user sees the SMC user interface (UI) freeze periodically while it attempts to contact the mail server and fails.
Problem 1: SMC doesn't check for network connectivity before it attempts to connect to the mail server.
New network. While SMC is in the Idle state, it continues to wait until the specified time has expired, even if a new network becomes available. As a result, even when the computer obtains a network connection, SMC does not immediately attempt to connect to the mail server.
Problem 2: SMC doesn't register for notification of network connectivity and exit the Idle state when a suitable network becomes available.
One network. SMC attempts to contact the mail server. If it cannot contact the mail server using the one network, it goes into the Idle state, waits, and then re-attempts to connect to the mail server using the same network. As a result, the user sees the SMC UI freeze periodically while it attempts to contact the mail server and fails.
Problem 3: SMC does not check for Internet connectivity. Even though a network connection may be available, it might not be suitable, because it may not have Internet connectivity.
Network gone. If network connectivity is removed while SMC is trying to connect to the mail server, SMC fails to connect and goes into the Idle state. Because of Problem 1, when SMC comes out of the Idle state it tries to contact the mail server again even though there is no suitable network.
Multiple networks. SMC attempts to connect to the mail server using each network in turn until it finds a network where the server can be reached. As a result, the user sees the SMC UI freeze while it attempts to connect to the mail server several times until a network with Internet connectivity is found. This is due to Problem 3.
If SMC cannot connect to the mail server using any of these networks, the user experience is the same as in the case of one network without Internet connectivity, which is also due to Problem 3.
Network gone. If network connectivity is removed while SMC is trying to connect to the mail server, SMC fails to connect and then tries to reconnect using one of the other networks.
Download
In this state, SMC has contacted the mail server and is downloading mail.
One network. SMC downloads messages from the mail server without performing any optimizations based on available bandwidth. As a result, on a low-bandwidth connection the user receives messages one at a time and very slowly.
Problem 4: SMC does not check the bandwidth of the available networks.
Network gone. If the network is removed while SMC is downloading messages, SMC returns to the Idle state and waits a specified amount of time before attempting to reconnect. Problems 1 and 3 cause SMC to attempt to reconnect even when there is no network, or only networks without Internet connectivity.
Multiple networks. SMC downloads the messages from the mail server using the network that was used to contact the mail server. It does not perform any optimizations based on available bandwidth or choose the network with the highest bandwidth. This is the result of Problems 1, 3, and 4: because SMC does not recognize that there are other networks, or that they have Internet connectivity and higher bandwidth, it cannot choose those networks over the current one.
Step 3: Redesign the application
The last step is to redesign the application so that it fixes the problems identified in Step 2.
Each of the problems identified can be fixed with the following design changes to SMC:
1. Enumerate all the networks that the computer is currently connected to using NLA.
2. For each network, check whether it has Internet connectivity and check its bandwidth. Then choose the network that has both Internet connectivity and the highest bandwidth. This addresses Problems 1, 3, and 4: no attempt is made when no suitable network exists, a network without Internet connectivity is never tried, and download behavior can be tuned to the chosen network's bandwidth.
3. Register with NLA for notification of network events for the networks with Internet connectivity. When notified of a new network or a network gone, repeat design change 2, so that SMC leaves the Idle state as soon as a suitable network appears (Problem 2) and switches networks when the one in use disappears.
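The following Python carries the three design changes through as a small state machine, and also exercises the network states and events defined earlier in this paper (no network, one network, multiple networks; new network, network gone). It is an added example, not code from the whitepaper or from NLA: the NLA API is the subject of the companion paper, so here the two NLA events are delivered by direct method calls, the Network fields are the characteristics the design uses, make_network is a constructed stand-in for a network NLA would report, and LOW_BANDWIDTH_KBPS is an assumed threshold for the headers-only optimization from the Bandwidth row.

```python
"""Network-aware mail client modeled on the SMC redesign described above.

Added example, not code from the whitepaper.  NLA's API is covered by the
companion paper, so the two NLA events the paper defines (new network,
network gone) are delivered here by direct method calls.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional
import uuid

LOW_BANDWIDTH_KBPS = 256  # assumed threshold: below this, fetch headers only


@dataclass(frozen=True)
class Network:
    """Subset of the NLA characteristics used by the design."""
    guid: uuid.UUID
    internet: bool          # Internet Connectivity
    bandwidth_kbps: int     # Bandwidth
    managed: bool = False   # Managed (domain controller present)


def make_network(internet: bool, bandwidth_kbps: int, managed: bool = False) -> Network:
    """Constructed stand-in for a network NLA would report, with a fresh GUID."""
    return Network(uuid.uuid4(), internet, bandwidth_kbps, managed)


def network_state(networks: Iterable[Network]) -> str:
    """The three network states defined in this paper."""
    count = len(list(networks))
    if count == 0:
        return "No network"
    return "One network" if count == 1 else "Multiple networks"


def choose_network(networks: Iterable[Network]) -> Optional[Network]:
    """Design changes 1 and 2: only networks with Internet connectivity are
    candidates (Problem 3); among them take the highest bandwidth (Problem 4).
    Returns None when nothing suitable exists, so no connection attempt is
    made on a computer with no usable network (Problem 1)."""
    candidates = [n for n in networks if n.internet]
    if not candidates:
        return None
    return max(candidates, key=lambda n: n.bandwidth_kbps)


class SimpleMailClient:
    """SMC states: Initialize, Contact Mail Server, Download, Idle, Stop."""

    def __init__(self) -> None:
        self.networks: Dict[uuid.UUID, Network] = {}
        self.state = "Initialize"
        self.active: Optional[Network] = None
        self.mode: Optional[str] = None      # "full" or "headers"
        self.transitions: List[str] = []     # recorded for inspection

    def _goto(self, state: str) -> None:
        self.transitions.append(state)
        self.state = state

    def start(self) -> None:
        # Cached mail comes from the local store; the server is not contacted
        # until NLA reports a suitable network.
        self._goto("Idle")
        self._reselect()

    # --- NLA notifications (design change 3) ---
    def on_new_network(self, net: Network) -> None:
        self.networks[net.guid] = net
        self._reselect()

    def on_network_gone(self, guid: uuid.UUID) -> None:
        self.networks.pop(guid, None)
        self._reselect()

    # --- other events ---
    def idle_timer_expired(self) -> None:
        self.active = None          # force a fresh attempt if one is possible
        self._reselect()

    def download_complete(self) -> None:
        self._goto("Idle")

    def stop(self) -> None:
        self._goto("Stop")          # cache downloaded mail in the local store

    def _reselect(self) -> None:
        best = choose_network(self.networks.values())
        if best is None:
            # Nothing suitable: stay in (or return to) Idle without trying to
            # contact the server, so the UI never freezes on a doomed attempt.
            self.active = None
            if self.state != "Idle":
                self._goto("Idle")
            return
        if best != self.active:
            # A usable network appeared (leave Idle at once, Problem 2) or a
            # better one exists (move an in-progress download to it, Problem 4).
            self.active = best
            self.mode = "headers" if best.bandwidth_kbps < LOW_BANDWIDTH_KBPS else "full"
            self._goto("Contact Mail Server")
            self._goto("Download")


if __name__ == "__main__":
    client = SimpleMailClient()
    client.start()
    lan = make_network(internet=False, bandwidth_kbps=100_000, managed=True)
    dialup = make_network(internet=True, bandwidth_kbps=56)
    wifi = make_network(internet=True, bandwidth_kbps=11_000)
    for net in (lan, dialup, wifi):
        client.on_new_network(net)
        print(f"{network_state(client.networks.values()):18} state={client.state} mode={client.mode}")
    client.on_network_gone(wifi.guid)
    print("wifi gone ->", client.state, client.mode, client.transitions)
```

The point of the example is what does not happen: a managed LAN without Internet connectivity never triggers a connection attempt, and the loss of the network in use leads either to an immediate switch or to a quiet return to Idle, never to a retry loop that freezes the UI.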
Users and their computers are becoming more mobile. As a result, applications must adapt to the computer's changing network environment. Applications that do not deal with changing network conditions on behalf of the user can cause user frustration. Applications can use NLA, like the Simple Mail Client (SMC) outlined in this whitepaper, to improve their user experience by having knowledge of the characteristics of the available networks and the current network state and by registering for notification of relevant network events.